~kick-d/ubuntu/+source/ntp:logical/4.2.6.p5+dfsg-3ubuntu9

Branch merges

Propose for merging

Rejected for merging into ~ubuntu-server-dev/ubuntu/+source/ntp:logical

Robie Basak: Disapprove on 2016-02-16

Diff: 2416 lines (+2058/-21)

39 files modified

debian/apparmor-profile (+81/-0)
debian/apparmor-profile.tunable (+15/-0)
debian/control (+4/-2)
debian/ntp.conf (+12/-12)
debian/ntp.dhcp (+1/-1)
debian/ntp.dirs (+3/-0)
debian/ntp.init (+2/-2)
debian/ntp.preinst (+6/-0)
debian/ntpdate-debian (+1/-1)
debian/ntpdate.default (+1/-1)
debian/ntpdate.if-up (+10/-0)
debian/patches/CVE-2014-9293.patch (+42/-0)
debian/patches/CVE-2014-9294.patch (+118/-0)
debian/patches/CVE-2014-9295.patch (+108/-0)
debian/patches/CVE-2014-9296.patch (+16/-0)
debian/patches/CVE-2014-9297.patch (+371/-0)
debian/patches/CVE-2014-9298.patch (+43/-0)
debian/patches/CVE-2015-1798.patch (+33/-0)
debian/patches/CVE-2015-1799.patch (+42/-0)
debian/patches/CVE-2015-5146.patch (+128/-0)
debian/patches/CVE-2015-5194.patch (+49/-0)
debian/patches/CVE-2015-5195.patch (+47/-0)
debian/patches/CVE-2015-5196.patch (+57/-0)
debian/patches/CVE-2015-5219.patch (+27/-0)
debian/patches/CVE-2015-5300.patch (+16/-0)
debian/patches/CVE-2015-7691.patch (+225/-0)
debian/patches/CVE-2015-7701.patch (+23/-0)
debian/patches/CVE-2015-7704.patch (+19/-0)
debian/patches/CVE-2015-7850.patch (+235/-0)
debian/patches/CVE-2015-7852.patch (+35/-0)
debian/patches/CVE-2015-7853.patch (+46/-0)
debian/patches/CVE-2015-7855.patch (+29/-0)
debian/patches/CVE-2015-7871.patch (+40/-0)
debian/patches/ignore-ENOBUFS-on-routing-netlink-socket.patch (+32/-0)
debian/patches/ntp-keygen-endless-loop.patch (+38/-0)
debian/patches/series (+25/-0)
debian/patches/use-after-free-in-routing-socket.patch (+33/-0)
debian/rules (+23/-2)
debian/source_ntp.py (+22/-0)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

c8a02ba... by Kick In on 2016-01-14

  * SECURITY UPDATE: symmetric association authentication bypass via
    crypto-NAK
    - debian/patches/CVE-2015-7871.patch: drop unhandled packet in
      ntpd/ntp_proto.c.
    - CVE-2015-7871

da8c14c... by Kick In on 2016-01-14

  * SECURITY UPDATE: denial of service via ASSERT in decodenetnum
    - debian/patches/CVE-2015-7855.patch: simply return fail in
      libntp/decodenetnum.c.
    - CVE-2015-7855

f0f93bb... by Kick In on 2016-01-14

  * SECURITY UPDATE: buffer overflow via custom refclock driver
    - debian/patches/CVE-2015-7853.patch: properly calculate length in
      ntpd/ntp_io.c.
    - CVE-2015-7853

bca2843... by Kick In on 2016-01-14

  * SECURITY UPDATE: ntpq atoascii memory corruption
    - debian/patches/CVE-2015-7852.patch: avoid buffer overrun in
      ntpq/ntpq.c.
    - CVE-2015-7852

9af4d3a... by Kick In on 2016-01-14

  * SECURITY UPDATE: denial of service via same logfile and keyfile
    - debian/patches/CVE-2015-7850.patch: rate limit errors in
      include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c,
      libntp/msyslog.c.
    - CVE-2015-7850

56e59ee... by Kick In on 2016-01-14

  * SECURITY UPDATE: denial of service by spoofed KoD
    - debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c.
    - CVE-2015-7704
    - CVE-2015-7705

a64bbbd... by Kick In on 2016-01-14

  * SECURITY UPDATE: file overwrite via remote pidfile and driftfile
    configuration directives
    - debian/patches/CVE-2015-5196.patch: disable remote configuration in
      ntpd/ntp_parser.y.
    - CVE-2015-5196
    - CVE-2015-7703

b574fc2... by Kick In on 2016-01-14

  * SECURITY UPDATE: memory leak in CRYPTO_ASSOC
    - debian/patches/CVE-2015-7701.patch: add missing free in
      ntpd/ntp_crypto.c.
    - CVE-2015-7701

5afebc5... by Kick In on 2016-01-14

  * SECURITY UPDATE: incomplete autokey data packet length checks
    - debian/patches/CVE-2015-7691.patch: add length and size checks to
      ntpd/ntp_crypto.c.
    - CVE-2015-7691
    - CVE-2015-7692
    - CVE-2015-7702

d8365e5... by Kick In on 2016-01-14

  * SECURITY UPDATE: timeshifting by reboot issue
    - debian/patches/CVE-2015-5300.patch: disable panic in
      ntpd/ntp_loopfilter.c.
    - CVE-2015-5300